The InfoSec team wants to be notified via email each time a Security Group is misconfigured.
Which Prisma Cloud tab should you choose to complete this request?
The InfoSec team wants to be notified via email each time a Security Group is misconfigured.
Which Prisma Cloud tab should you choose to complete this request?
To notify the InfoSec team via email each time a Security Group is misconfigured, the correct Prisma Cloud tab to choose is 'Alert Rules'. In 'Alert Rules', you can create a rule that triggers alerts based on specific policies, such as misconfigurations in Security Groups. This rule can be configured to send email notifications to specified recipients, ensuring that the InfoSec team receives the alerts they need.
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-alerts/create-an-alert-rule-for-build-time-checks.html
C To send email notifications for alerts triggered by an alert rule, Prisma Cloud provides a default email notification template. You can customize the message in the template using the in-app rich text editor and attach the template to an alert rule. In the alert notification, you can configure Prisma Cloud to send the alert details as an uncompressed CSV file or as a compressed zip file, of 9 MB maximum attachment. https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-alerts/send-prisma-cloud-alert-notifications-to-third-party-tools
Tricky question. Inside an "Alert rules" you can configure an "Configure Notifications"
A 1. Alert Rules, you can enable the optional Auto-Actions, Alert Notifications, and Auto-Remediation 2. Assign Targets- select Account Groups 3. Select the policies for which you want this alert rule to trigger alert 4. Configure Notifications to enable alert Notifications (email) (https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-alerts/create-an-alert-rule)
C... alert rules is correct. To complete the request of notifying the InfoSec team via email each time a Security Group is misconfigured, you should use the "Alerts" tab in Prisma Cloud Enterprise. You can create an alert rule for misconfigured Security Groups by configuring a policy that checks for Security Group misconfigurations and then associating that policy with an alert rule. In the alert rule, you can specify the email addresses of the InfoSec team to receive the alerts when a Security Group is misconfigured. To create an alert rule in Prisma Cloud Enterprise: Go to the "Alerts" tab in the Prisma Cloud Enterprise console. Click on "Create Rule" button. Select the policy you want to use to generate alerts for Security Group misconfigurations. Specify the alert details, such as severity level, notification method, and recipient email addresses. Save the alert rule. Once the alert rule is created, the InfoSec team will receive an email notification each time a Security Group is misconfigured, as per the defined policy.